MCP Configuration

Connect to external tools and services via Model Context Protocol. Use this skill when an MCP server connection is needed or a new tool integration is requested.

5 stars

Best use case

MCP Configuration is best used when you need a repeatable AI agent workflow instead of a one-off prompt.

Connect to external tools and services via Model Context Protocol. Use this skill when an MCP server connection is needed or a new tool integration is requested.

Teams using MCP Configuration should expect a more consistent output, faster repeated execution, less prompt rewriting.

When to use this skill

  • You want a reusable workflow that can be run more than once with consistent structure.

When not to use this skill

  • You only need a quick one-off answer and do not need a reusable workflow.
  • You cannot install or maintain the underlying files, dependencies, or repository context.

Installation

Claude Code / Cursor / Codex

$curl -o ~/.claude/skills/mcp-config/SKILL.md --create-dirs "https://raw.githubusercontent.com/BasharAmso/Bashi/main/.claude/skills/mcp-config/SKILL.md"

Manual Installation

  1. Download SKILL.md from GitHub
  2. Place it in .claude/skills/mcp-config/SKILL.md inside your project
  3. Restart your AI agent — it will auto-discover the skill

How MCP Configuration Compares

Feature / AgentMCP ConfigurationStandard Approach
Platform SupportNot specifiedLimited / Varies
Context Awareness High Baseline
Installation ComplexityUnknownN/A

Frequently Asked Questions

What does this skill do?

Connect to external tools and services via Model Context Protocol. Use this skill when an MCP server connection is needed or a new tool integration is requested.

Where can I find the source code?

You can find the source code on GitHub using the link provided at the top of the page.

SKILL.md Source

# Skill: MCP Configuration

## Metadata

| Field | Value |
|-------|-------|
| **Skill ID** | SKL-0022 |
| **Version** | 1.0 |
| **Owner** | deployer |
| **Inputs** | Task description, STATE.md, existing .mcp.json |
| **Outputs** | .mcp.json, STATE.md updated |
| **Triggers** | `TOOL_CONNECTION_REQUESTED`, `MCP_SERVER_NEEDED` |

---

## Purpose

Configure Claude Code's `.mcp.json` to connect the project to external tools (GitHub, Notion, Slack, databases, etc.) via MCP servers. This is framework-level wiring — not application code that calls these services.

---

## Transport Defaults

| Context | Transport | Example |
|---------|-----------|---------|
| Local npm/Docker server | stdio | GitHub MCP, Postgres MCP |
| Remote cloud API | HTTP | Notion OAuth, Linear OAuth |

**Never use SSE transport** — deprecated and removed in Claude Code v2.0.9+.

---

## Server Defaults Table

| Service | Package / Endpoint | Transport | Credentials |
|---------|-------------------|-----------|-------------|
| GitHub | `@github/github-mcp-server` | stdio | `GITHUB_PERSONAL_ACCESS_TOKEN` |
| Notion (OAuth) | `https://mcp.notion.com/mcp` | HTTP | OAuth browser flow |
| Notion (API key) | `@notionhq/notion-mcp-server` | stdio | `NOTION_TOKEN` |
| Slack | `zencoderai/slack-mcp-server` | stdio | `SLACK_BOT_TOKEN`, `SLACK_TEAM_ID` |
| Linear | `https://mcp.linear.app/mcp` | HTTP | OAuth browser flow |
| PostgreSQL | `@modelcontextprotocol/server-postgres` | stdio | `POSTGRES_CONNECTION_STRING` |
| Supabase | `@modelcontextprotocol/server-supabase` | stdio | `SUPABASE_URL`, `SUPABASE_ANON_KEY` |
| Filesystem | `@modelcontextprotocol/server-filesystem` | stdio | none |
| Brave Search | `brave/brave-search-mcp-server` | stdio | `BRAVE_API_KEY` |

> If service not in this table, consult Explorer agent to research the correct server.

---

## Procedure

1. **Clarify what to connect:**
   - Which service(s)?
   - What capabilities needed? (read issues, write pages, query tables)
   - Project scope (committed) or local scope (developer-only)?

2. **Read existing .mcp.json** — preserve all existing server entries.

3. **Build config block** using transport defaults:
   - stdio: `"command": "npx", "args": ["-y", "<package>"], "env": {"<VAR>": "${<VAR>}"}`
   - HTTP: `"type": "http", "url": "<endpoint>"`
   - HTTP+OAuth: `"type": "http", "url": "<endpoint>"` (no token needed)

4. **Write updated .mcp.json** — merge new server with existing servers.

5. **Provide credential setup instructions:**
   - Export block for each `${ENV_VAR}` referenced.
   - Link to where the user obtains each token.

6. **Verify connection** via `claude mcp list` and `/mcp` command.

7. **Log to STATE.md** under Active MCP Integrations section.

---

## Common Errors

| Error | Cause | Fix |
|-------|-------|-----|
| `Connection closed` / `MCP error -32000` | Windows: npx can't run directly | Change to `"command": "cmd"`, prefix args with `"/c", "npx"` |
| `spawn npx ENOENT` | npx not in PATH | Use absolute path or fix shell PATH |
| Server not in `claude mcp list` | .mcp.json in wrong location | Must be at project root |
| Silent no-op | JSON syntax error | Validate with JSON linter |

---

## Constraints

- Never store raw secrets in .mcp.json — always use `${ENV_VAR}` expansion
- Never overwrite existing .mcp.json without reading and preserving existing servers
- Never configure SSE transport
- Never add servers the user hasn't requested
- Always use project scope for team-shared servers

---

## Primary Agent

deployer

---

## Definition of Done

- [ ] Requested MCP server(s) configured in .mcp.json
- [ ] All credentials use ${ENV_VAR} expansion (no raw secrets)
- [ ] Existing servers preserved
- [ ] Credential setup instructions provided
- [ ] Connection verified via `claude mcp list`
- [ ] STATE.md updated with Active MCP Integrations

## Output Contract

| Field | Value |
|-------|-------|
| **Artifacts** | `.mcp.json` (created or updated at project root) |
| **State Update** | `.claude/project/STATE.md` — mark task complete, log Active MCP Integrations |
| **Handoff Event** | `TASK_COMPLETED` (MCP server configured) |

Related Skills

Supply Chain Audit

5
from BasharAmso/Bashi

Audit the dependency supply chain for security risks beyond what `npm audit` or `pip audit` catches. Analyzes dependency health, maintainer trust signals, typosquatting risk, and transitive dependency exposure.

SEO Audit

5
from BasharAmso/Bashi

Audit web pages for search engine optimization: meta tags, heading hierarchy, structured data, image optimization, mobile-friendliness, and content quality. Complements SKL-0013 (Growth & Distribution) by validating what was built.

Pitch Deck

5
from BasharAmso/Bashi

Create a structured pitch deck outline for investors, stakeholders, or partners. Covers problem, solution, market, traction, team, and ask. Natural output after PRD + Problem Stress Test validation.

Launch Checklist

5
from BasharAmso/Bashi

Pre-launch validation covering everything deployment (SKL-0021) doesn't: analytics, error tracking, social meta, legal pages, email setup, DNS, SSL, and go-live readiness. Produces a launch readiness report with pass/fail checklist. Use this skill before going live on any project.

Insecure Defaults Detection

5
from BasharAmso/Bashi

Detect insecure default configurations, hardcoded credentials, fail-open security patterns, and dangerous default values in application code and configuration files. Complements SKL-0015 (Security Audit) by focusing on configuration-level vulnerabilities that dependency scanners miss.

Differential Security Review

5
from BasharAmso/Bashi

Security-focused review of code changes using git diff analysis. Identifies security implications of recent modifications — new attack surfaces, removed protections, changed auth logic, and risky refactors. Complements SKL-0016 (Code Review) with a security lens on diffs.

Copywriting

5
from BasharAmso/Bashi

Write conversion-focused copy using proven frameworks (AIDA, PAS, BAB). Produces headlines, CTAs, landing page copy, email sequences, and micro-copy. Ensures copy matches brand voice and target audience.

Competitor Analysis

5
from BasharAmso/Bashi

Structured competitor research: features, pricing, positioning, gaps, and differentiation strategy. Feeds into PRD Writing (SKL-0004) and Problem Stress Test (SKL-0027) with better market context.

UX Design

5
from BasharAmso/Bashi

Design user experiences including wireframes, flows, and interaction patterns. Use this skill when UX design work is requested, including onboarding flows and interface layouts.

User Acceptance Testing

5
from BasharAmso/Bashi

Structured QA testing with four modes: diff-aware (auto-scoped to branch changes), full (systematic exploration), quick (30-second smoke test), and regression (compare against baseline). Produces health score, structured reports, and actionable bug lists. Use this skill when UAT is requested or a feature is ready for acceptance testing.

Token Audit

5
from BasharAmso/Bashi

Audit the current project for token waste patterns. Produces a Token Health Report with scored findings and actionable fixes. Use this skill when token usage feels high, sessions are hitting limits, or before optimizing costs.

Test Writing

5
from BasharAmso/Bashi

Write automated tests for existing or new functionality. Use this skill when tests are requested, including unit tests, integration tests, and end-to-end tests.